PfSense Community Edition versions 2.2.6 and below suffer from cross site scripting, code injection, and cross site request forgery vulnerabilities.
>> CATEGORY: exploit
AirOS version 6.x suffers from an arbitrary file upload vulnerability.
Microsoft Internet Explorer 11 ships with MSHTML.DLL referencing various DLLs which are not present on a Windows 7 SP1 installation, Windows 10 is not affected, other Windows versions have not…
An independent vulnerability laboratory researcher discovered a client-side cross site scripting web vulnerability in the official Avast Business online service web-application.
An independent vulnerability laboratory researcher discovered multiple application-side validation vulnerabilities in the offical Cyberoam Central Console v02.03.1 appliance web-application.
An independent vulnerability laboratory researcher discovered multiple web vulnerabilities in the official Ahrare Andeysheh Content Management System.
An independent vulnerability laboratory researcher discovered multiple client-side cross site scripting vulnerabilities in the official Direct Admin v1.50.0 hosting panel web-application.
The vulnerability laboratory core research team discovered an application-side validation vulnerability in the official C & C++ for OS web-application (api).
This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the “perl_startup” configuration parameter.